Merge pull request #1014 from splunk/lamehug

tccontre · web-flow · commit 0db79c3778d7 · 2025-08-25T18:57:59.000+02:00
lamehug
diff --git a/datasets/malware/T1007/net_start/net_start.log b/datasets/malware/T1007/net_start/net_start.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:6d7213e8ae5e9329d07d55399aa600443eab9229ac8b7c87afb7a153f60ec2e1
+size 5721
diff --git a/datasets/malware/T1007/net_start/net_start.yml b/datasets/malware/T1007/net_start/net_start.yml
@@ -0,0 +1,13 @@
+author: Teoderick Contreras, Splunk
+id: 175f345e-81c9-11f0-af7e-629be3538068
+date: '2025-08-25'
+description: Generated datasets for net start in attack range.
+environment: attack_range
+directory: net_start
+mitre_technique:
+- T1007
+datasets:
+- name: net_start.log
+  path: /datasets/malware/T1007/net_start/net_start.log
+  sourcetype: 'XmlWinEventLog'
+  source: 'XmlWinEventLog:Microsoft-Windows-Sysmon/Operational'
diff --git a/datasets/malware/T1071.004/hugging_face/hugging_face.yml b/datasets/malware/T1071.004/hugging_face/hugging_face.yml
@@ -0,0 +1,13 @@
+author: Teoderick Contreras, Splunk
+id: 21fdc0b4-81d4-11f0-af7e-629be3538068
+date: '2025-08-25'
+description: Generated datasets for hugging face in attack range.
+environment: attack_range
+directory: hugging_face
+mitre_technique:
+- T1071.004
+datasets:
+- name: huggingface.log
+  path: /datasets/malware/T1071.004/hugging_face/huggingface.log
+  sourcetype: 'XmlWinEventLog'
+  source: 'XmlWinEventLog:Microsoft-Windows-Sysmon/Operational'
diff --git a/datasets/malware/T1071.004/hugging_face/huggingface.log b/datasets/malware/T1071.004/hugging_face/huggingface.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5ee9ab56b4218aa52d316105fa330f09261324cd4630aa158d814dc1a72c02bd
+size 28232
diff --git a/datasets/malware/T1082/wmic_cmd/wmic_cmd.log b/datasets/malware/T1082/wmic_cmd/wmic_cmd.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7285d5187d1168b0c6f3422360510162beef0bfa4d070dc0e5abf3655ceab91a
+size 104546
diff --git a/datasets/malware/T1082/wmic_cmd/wmic_cmd.yml b/datasets/malware/T1082/wmic_cmd/wmic_cmd.yml
@@ -0,0 +1,13 @@
+author: Teoderick Contreras, Splunk
+id: 39db6f66-81c9-11f0-af7e-629be3538068
+date: '2025-08-25'
+description: Generated datasets for wmic cmd in attack range.
+environment: attack_range
+directory: wmic_cmd
+mitre_technique:
+- T1082
+datasets:
+- name: wmic_cmd.log
+  path: /datasets/malware/T1082/wmic_cmd/wmic_cmd.log
+  sourcetype: 'XmlWinEventLog'
+  source: 'XmlWinEventLog:Microsoft-Windows-Sysmon/Operational'

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+version https://git-lfs.github.com/spec/v1`
	`2`	`+oid sha256:6d7213e8ae5e9329d07d55399aa600443eab9229ac8b7c87afb7a153f60ec2e1`
	`3`	`+size 5721`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+version https://git-lfs.github.com/spec/v1`
	`2`	`+oid sha256:5ee9ab56b4218aa52d316105fa330f09261324cd4630aa158d814dc1a72c02bd`
	`3`	`+size 28232`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+version https://git-lfs.github.com/spec/v1`
	`2`	`+oid sha256:7285d5187d1168b0c6f3422360510162beef0bfa4d070dc0e5abf3655ceab91a`
	`3`	`+size 104546`